Though it’s been less than 24 hours since Equifax’s bombshell disclosure that the personal information of 143 million people was compromised in a data breach between May and July, the company's response is already being widely condemned.
It’s a case study in why organizations can’t merely go through the motions when it comes to a crisis response. Consumers, policy makers and the press are smarter than that. It’s not enough to say “sorry” and offer a free “comprehensive package of identity theft protection and credit file monitoring.”
Not only did it take Equifax a month after discovering the breach to notify the public, we’re now learning that three of its executives sold nearly $2 million in stock during that gap in time.
In addition, social media was abuzz with the revelation that consumers must, in fact, waive their right to sue Equifax or be part of a class action suit in order to check if their data was stolen. That’s downright offensive. It demonstrates how Equifax doesn’t truly understand or appreciate the corporate climate they are operating in.
Consumers demand genuine humility, honesty and transparency. Violating these demands is not just be bad for business, it could be illegal.
Rightfully so, New York’s attorney general has already opened an investigation. For many consumers, the Equifax mess perpetuates the belief that big business consists of heartless fat cats looking out only for themselves.
This crisis resonates with just about everyone because credit monitoring services possess sensitive personal and financial information. One reporter called Equifax “a one-stop shop for potential identity thieves, with databases that include Social Security numbers, addresses, driver’s license data and birth dates as well as financial records.” That makes credit monitoring services ideal targets for hackers.
Consequently, we should expect and hold them to a higher standard when it comes to safeguarding our personal information.
Washington is weighing in. Senator Elizabeth Warren, who earned her reputation as a consumer champion, is tweeting that Equifax must be held legally responsible, while the House Financial Services Committee has announced hearings into the breach. This will guarantee Equifax’s crisis remains in the news for days, if not weeks and months.
As the heat was being turned up Friday, a story in the NY Post suggested Equifax is now blaming their software provider for the data breach, thus violating another crisis communications commandment: Accept responsibly.
Yes, we can all be hacked. But it appears Equifax has no one to blame but itself regarding how it chose to respond and what lies ahead. That’s disappointing, to say the least, for a company that claimed to be looking out for all of us.
T.J. Winick is a Vice President at Solomon McCown & Company. Prior to SM&, T.J. was a correspondent for ABC News based out of Washington, D.C. and New York City.